You should then take a look at the config.h file. This file
contains definitions for some of the configuration options. If you are
using the recommended package, I recommend that you disable group
shadow support for your first time around.

By default shadowed group passwords are enabled. To disable these edit the
config.h file, and change the #define SHADOWGRP to
#undef SHADOWGRP. I recommend that you disable them to start
with, and then if you really want group passwords and group administrators
that you enable it later and recompile. If you leave it enabled, you
must create the file /etc/gshadow.

Enabling the long passwords option is NOT recommended as discussed above.

Do NOT change the setting: #undef AUTOSHADOW

The AUTOSHADOW option was originally designed so that programs
that were shadow ignorant would still function. This sounds good in theory,
but does not work correctly. If you enable this option, and the program runs
as root, it may call getpwnam() as root, and later write the modified
entry back to the /etc/passwd file (with the no-longer-shadowed
password). Such programs include chfn and chsh. (You can't get around
this by swapping real and effective uid before calling getpwnam()
because root may use chfn and chsh too.)

The same warning is also valid if you are building libc, it has a
SHADOW_COMPAT option which does the same thing. It should
NOT be used! If you start getting encoded passwords back in your
/etc/passwd file, this is the problem.

If you are using a libc version prior to 4.6.27, you will need to
make a couple more changes to config.h and the Makefile.
To config.h edit and change: